FTP active/passive and NAT

Yifang Yuan
Apr 5, 2019


This picture shows the ports used by FTP in active and passive mode:

Source: https://slideplayer.com/slide/5933080/

Key points

  • Data port = CMD port + 1
  • How does the client know the server’s data port in passive mode?

The server tells the client by port command; see the picture below.

227 is a common FTP reply code.

This is the response given by the server to the PASV command. It indicates that the server is ready for the client to connect to it for the purpose of establishing a data connection. The format of this response is important because the client software must be capable of parsing out the connection information it contains. The values h1 to h4 are the IP addresses that the server is listening on. The values p1 to p2 are used to calculate the port that the server is listening on using the following formula: PASV port = (p1 * 256) + p2.

Source: https://support.solarwinds.com/Success_Center/Serv-U_Managed_File_Transfer_Serv-U_FTP_Server/Knowledgebase_Articles/227_FTP_response_code

  • Passive is better than active because of NAT:

Passive mode is more common than active mode. Most clients connect to the Internet through NAT/NAPT. In active mode, the server cannot initiate a new connection to the client’s port (send a SYN to a new port on the client) because the NAT has no record for that unused client port.
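The 227 reply described above has to be parsed by the client, and the address in it is not always reachable when the server itself sits behind NAT. The sketch below is an added example, not code from the original post: `parse_pasv` and `data_endpoint` are hypothetical names, the sample reply is constructed, and falling back to the control connection's peer address is a design choice made for this example.

```python
import ipaddress
import re

# Six comma-separated decimal fields: (h1,h2,h3,h4,p1,p2)
_PASV_RE = re.compile(r"\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")


def parse_pasv(reply):
    """Return (host, port) advertised in a 227 reply line, or raise ValueError."""
    if not reply.startswith("227 "):
        raise ValueError("not a 227 reply")
    m = _PASV_RE.search(reply)
    if m is None:
        raise ValueError("no (h1,h2,h3,h4,p1,p2) tuple in reply")
    fields = [int(f) for f in m.groups()]
    if any(f > 255 for f in fields):
        raise ValueError("field outside 0-255")
    h1, h2, h3, h4, p1, p2 = fields
    port = p1 * 256 + p2  # PASV port = (p1 * 256) + p2
    if port == 0:
        raise ValueError("port 0 is not connectable")
    return "%d.%d.%d.%d" % (h1, h2, h3, h4), port


def data_endpoint(reply, control_peer):
    """Choose where to open the data connection.

    control_peer is the address the control connection is connected to.
    If the advertised address differs (for example a server behind NAT
    reporting its private address, or a reply pointing at a third host),
    keep the advertised port but connect to control_peer instead.
    """
    host, port = parse_pasv(reply)
    if ipaddress.ip_address(host) != ipaddress.ip_address(control_peer):
        host = control_peer
    return host, port


if __name__ == "__main__":
    # Constructed sample: server advertises a private address.
    sample = "227 Entering Passive Mode (192,168,1,10,195,149)"
    print(parse_pasv(sample))
    print(data_endpoint(sample, "203.0.113.5"))
```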
